Method: accounts.mfaSignIn.finalize

HTTP request
Request body
- JSON representation
Response body
- JSON representation
Authorization scopes
MfaTotpSignInRequestInfo
- JSON representation
Try it!

Verifies the MFA challenge and performs sign-in

HTTP request

POST https://identitytoolkit.googleapis.com/v2/accounts/mfaSignIn:finalize

Request body

The request body contains data with the following structure:

JSON representation

JSON representation
{ "mfaPendingCredential": string, "tenantId": string, "mfaEnrollmentId": string, // Union field `verification_info` can be only one of the following: "phoneVerificationInfo": { object (`FinalizeMfaPhoneRequestInfo`) }, "totpVerificationInfo": { object (`MfaTotpSignInRequestInfo`) } // End of list of possible types for union field `verification_info`. }

{
  "mfaPendingCredential": string,
  "tenantId": string,
  "mfaEnrollmentId": string,

  // Union field verification_info can be only one of the following:
  "phoneVerificationInfo": {
    object (FinalizeMfaPhoneRequestInfo)
  },
  "totpVerificationInfo": {
    object (MfaTotpSignInRequestInfo)
  }
  // End of list of possible types for union field verification_info.
}

Fields
`mfaPendingCredential`	`string` Required. Pending credential from first factor sign-in.
`tenantId`	`string` The ID of the Identity Platform tenant the user is signing in to. If not set, the user will sign in to the default Identity Platform project.
`mfaEnrollmentId`	`string` The MFA enrollment ID from the user's list of current MFA enrollments.
Union field `verification_info`. Proof of completion of the MFA challenge. `verification_info` can be only one of the following:
`phoneVerificationInfo`	`object (FinalizeMfaPhoneRequestInfo)` Proof of completion of the SMS based MFA challenge.
`totpVerificationInfo`	`object (MfaTotpSignInRequestInfo)` Proof of completion of the TOTP based MFA challenge.

Response body

mfaSignIn.finalize response.

If successful, the response body contains data with the following structure:

JSON representation

JSON representation
{ "idToken": string, "refreshToken": string, // Union field `auxiliary_auth_info` can be only one of the following: "phoneAuthInfo": { object (`FinalizeMfaPhoneResponseInfo`) } // End of list of possible types for union field `auxiliary_auth_info`. }

{
  "idToken": string,
  "refreshToken": string,

  // Union field auxiliary_auth_info can be only one of the following:
  "phoneAuthInfo": {
    object (FinalizeMfaPhoneResponseInfo)
  }
  // End of list of possible types for union field auxiliary_auth_info.
}

Fields
`idToken`	`string` ID token for the authenticated user.
`refreshToken`	`string` Refresh token for the authenticated user.
Union field `auxiliary_auth_info`. MFA verified sign-in information. `auxiliary_auth_info` can be only one of the following:
`phoneAuthInfo`	`object (FinalizeMfaPhoneResponseInfo)` Extra phone auth info, including android verification proof.

Authorization scopes

Requires one of the following OAuth scopes:

https://www.googleapis.com/auth/identitytoolkit
https://www.googleapis.com/auth/cloud-platform

For more information, see the Authentication Overview.

MfaTotpSignInRequestInfo

TOTP verification info for FinalizeMfaSignInRequest.

JSON representation
{ "verificationCode": string }

Fields

Fields
`verificationCode`	`string` User-entered verification code.

verificationCode

string

User-entered verification code.